The new Gmail UI (currently being rolled out) adds the active email address to the title of the Inbox web page so that it displays as "Gmail - Inbox (<NN>) - <user>@gmail.com". <NN> is the count of unopened emails.

The old UI would only display "Gmail - Inbox (<NN>)".

This new UI exposes the user's email address to other users of the computer who have access to the web browser, through a quick review of the browser history. This is a reduction in personal privacy: a roommate, spouse, child or sibling could have access to the same computer and notice that you were using a previously undisclosed email address. Similarly, it increases the need to clear the browser history on public computers, whether internet kiosks or internet cafés.

I took a look at a possible email harvesting vector of opening an iframe to mail.google.com and examining the title of the iframe - as far as I know this isn't possible, not only because of some rather decent iframe-busting on the part of Google, but also because my domain isn't Google.com, and therefore document.iFrame.document.title wouldn't be accessible.

I know that this is an old message, but I'm doing some research on profiling users and find that this issue is more dangerous right now.

After the user logs out of GMail we can track all emails and labels that the user read/opened. With all this information (label names and subjects of emails) we can find more useful information very easily (e.g. using some social engineering) ...
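Both posts above describe the same exposure: Gmail page titles end up in the browser history, and the history then reveals the address (first post) and, per the second post, the labels and message subjects the user opened. The following Python script is an added example, not code from either poster, that audits a Firefox-style history database for such titles. It assumes the history table is `moz_places(url, title)` as in Firefox's places.sqlite; that the inbox title has the form `Gmail - Inbox (<NN>) - <user>@gmail.com` reported in the first post; and, as my own assumption not stated on the page, that other Gmail pages title themselves `Gmail - <subject or label> - <address>`. The history rows are constructed sample data.

```python
import re
import sqlite3

# Title pattern reported in the first post for the new Gmail UI:
#   "Gmail - Inbox (<NN>) - <user>@gmail.com"
# The address is the trailing " - user@domain" component. The middle part is
# "Inbox (<NN>)" for the inbox; that it is a label name or message subject on
# other Gmail pages is an assumption of this example, not a fact from the page.
GMAIL_TITLE_RE = re.compile(
    r"^Gmail - (?P<view>.+?) - (?P<addr>[\w.+-]+@[\w.-]+\.\w+)$"
)
INBOX_RE = re.compile(r"^Inbox(?: \((?P<unread>\d+)\))?$")


def parse_gmail_title(title):
    """Return (address, view, unread_count) for a Gmail tab title, else None.

    Titles from the old UI ("Gmail - Inbox (7)") carry no address and are
    rejected, which is exactly the difference the first post complains about.
    """
    m = GMAIL_TITLE_RE.match(title or "")
    if not m:
        return None
    view = m.group("view")
    unread = None
    im = INBOX_RE.match(view)
    if im and im.group("unread") is not None:
        unread = int(im.group("unread"))
    return m.group("addr"), view, unread


def harvest_from_history(conn):
    """Group every Gmail page title in a Firefox-style history DB by address.

    The result maps each leaked address to the list of views (inbox, labels,
    subjects) recorded for it, in history order.
    """
    found = {}
    for _url, title in conn.execute("SELECT url, title FROM moz_places"):
        parsed = parse_gmail_title(title)
        if parsed is None:
            continue
        addr, view, _unread = parsed
        found.setdefault(addr, []).append(view)
    return found


def build_sample_history():
    """In-memory stand-in for Firefox's places.sqlite (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE moz_places (id INTEGER PRIMARY KEY, url TEXT, title TEXT)"
    )
    rows = [
        ("https://mail.google.com/mail/#inbox",
         "Gmail - Inbox (3) - alice.work@gmail.com"),
        ("https://mail.google.com/mail/#inbox",
         "Gmail - Inbox (12) - secondidentity@gmail.com"),
        # Opened message and label pages: title shape assumed, see lead-in.
        ("https://mail.google.com/mail/#inbox/12ab",
         "Gmail - Re: job offer - secondidentity@gmail.com"),
        ("https://mail.google.com/mail/#label/Lawyer",
         "Gmail - Lawyer - secondidentity@gmail.com"),
        # Old UI title: no address, so nothing is harvested from it.
        ("https://mail.google.com/mail/#inbox", "Gmail - Inbox (7)"),
        ("https://example.org/", "Example Domain"),
    ]
    conn.executemany("INSERT INTO moz_places (url, title) VALUES (?, ?)", rows)
    return conn


if __name__ == "__main__":
    for addr, views in harvest_from_history(build_sample_history()).items():
        print(addr)
        for view in views:
            print("   ", view)
```

To run it against a real profile, open the copied `places.sqlite` with `sqlite3.connect()` in place of `build_sample_history()`; copy the file first, since Firefox holds a lock on it while running. The same scan, on a shared or public machine, is what a roommate or the next kiosk user could do with nothing more than the history view.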